<?php
/**
* 登陆控制器
*/
class LoginAction extends Action{
	/**
	 * 登陆视图
	 */
	public function index(){
		$this->display();
	}

	/**
	 * 登陆操作
	 */
	public function login(){
		/*p($_SERVER);
		die;*/
		if(!$this->isPost()){
			halt('该页面不存在');
		}
		if($_SESSION['verify'] != md5($_POST['code'])) {
   		$this->error('验证码错误！');
		 }
		 $uname=$this->_post('uname');
		 $pwd=md5($_POST['upwd']);
		 $db=M('admin');
		 $user=$db->where(array('username'=>$uname))->find();
		 if(!$user || $user['password']!=$pwd){
		 	$this->error('用户名或密码错误');
		 }
		 if($user['lock']){
		 	$this->error('用户名被锁定');
		 }

		 if(isset($_POST['auto'])){
		 	$key=md5(C('AUTO_KEY'));
		 	$value=$key^$user['username'];
		  	$value=rtrim(base64_encode($value),'=');
		  	setcookie('auto',$value,time()+3600*24,'/');
		 }
		 session('uid',$user['id']);
		 session('username',$user['username']);
		 redirect(U('Index/index'));		
	}

	/**
	 * 验证码
	 */
	public function verify(){
		import('ORG.Util.Image');
		Image::buildImageVerify();
	}

	/**
	 * 退出操作
	 */
	public function logout(){
		session_unset();
		session_destroy();
		setcookie('auto','',1,'/');
		redirect(U('Login/index'));
	}

}
?>